OWASP Top 10 - 2021

About OWASP


OWASP stands for the Open Web Application Security Project. The OWASP Foundation's goal is to support the development, purchase, and maintenance of applications and APIs that can be trusted. The OWASP Top 10 list aims to raise awareness of the most critical security risks among developers and in web application security in general. It is highly recommended that any organization use this list as a practical first step towards producing more secure code and applications.

OWASP TOP 10 - 2021:


Every four years, the OWASP Top 10 is republished. The most recent edition is the one for 2021. Its most significant changes include three new categories, name and scope changes for four categories, and some consolidation. Below is an overview of the OWASP Top 10 - 2021.

  1. A01:2021-Broken Access Control;
  2. A02:2021-Cryptographic Failures;
  3. A03:2021-Injection;
  4. A04:2021-Insecure Design;
  5. A05:2021-Security Misconfiguration;
  6. A06:2021-Vulnerable and Outdated Components;
  7. A07:2021-Identification and Authentication Failures;
  8. A08:2021-Software and Data Integrity Failures;
  9. A09:2021-Security Logging and Monitoring Failures;
  10. A10:2021-Server-Side Request Forgery.